You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ch...@apache.org on 2014/07/22 01:57:28 UTC
[15/43] couchdb commit: updated refs/heads/1963-eunit-bigcouch to
424dca5
Port 075-auth-cache.t etap test suite to eunit
Timeouts are removed.
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/4d6a5010
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/4d6a5010
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/4d6a5010
Branch: refs/heads/1963-eunit-bigcouch
Commit: 4d6a501020b0b433eab8e9a92fd59c053f4290d6
Parents: cb70621
Author: Alexander Shorin <kx...@apache.org>
Authored: Thu May 22 13:07:24 2014 +0400
Committer: Russell Branca <ch...@apache.org>
Committed: Mon Jul 21 16:43:00 2014 -0700
----------------------------------------------------------------------
test/couchdb/couch_auth_cache_tests.erl | 246 ++++++++++++++++++++++++
test/etap/075-auth-cache.t | 274 ---------------------------
2 files changed, 246 insertions(+), 274 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb/blob/4d6a5010/test/couchdb/couch_auth_cache_tests.erl
----------------------------------------------------------------------
diff --git a/test/couchdb/couch_auth_cache_tests.erl b/test/couchdb/couch_auth_cache_tests.erl
new file mode 100644
index 0000000..34f7127
--- /dev/null
+++ b/test/couchdb/couch_auth_cache_tests.erl
@@ -0,0 +1,246 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+% http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+-module(couch_auth_cache_tests).
+
+-include("couch_eunit.hrl").
+-include_lib("couchdb/couch_db.hrl").
+
+-define(ADMIN_USER, {user_ctx, #user_ctx{roles=[<<"_admin">>]}}).
+-define(SALT, <<"SALT">>).
+-define(TIMEOUT, 1000).
+
+
+start() ->
+ {ok, Pid} = couch_server_sup:start_link(?CONFIG_CHAIN),
+ Pid.
+
+stop(Pid) ->
+ erlang:monitor(process, Pid),
+ couch_server_sup:stop(),
+ receive
+ {'DOWN', _, _, Pid, _} ->
+ ok
+ after ?TIMEOUT ->
+ throw({timeout, server_stop})
+ end.
+
+setup() ->
+ DbName = ?tempdb(),
+ couch_config:set("couch_httpd_auth", "authentication_db",
+ ?b2l(DbName), false),
+ DbName.
+
+teardown(DbName) ->
+ ok = couch_server:delete(DbName, [?ADMIN_USER]),
+ ok.
+
+
+couch_auth_cache_test_() ->
+ {
+ "CouchDB auth cache tests",
+ {
+ setup,
+ fun start/0, fun stop/1,
+ {
+ foreach,
+ fun setup/0, fun teardown/1,
+ [
+ fun should_get_nil_on_missed_cache/1,
+ fun should_get_right_password_hash/1,
+ fun should_ensure_doc_hash_equals_cached_one/1,
+ fun should_update_password/1,
+ fun should_cleanup_cache_after_userdoc_deletion/1,
+ fun should_restore_cache_after_userdoc_recreation/1,
+ fun should_drop_cache_on_auth_db_change/1,
+ fun should_restore_cache_on_auth_db_change/1,
+ fun should_recover_cache_after_shutdown/1
+ ]
+ }
+ }
+ }.
+
+
+should_get_nil_on_missed_cache(_) ->
+ ?_assertEqual(nil, couch_auth_cache:get_user_creds("joe")).
+
+should_get_right_password_hash(DbName) ->
+ ?_assert(begin
+ PasswordHash = hash_password("pass1"),
+ {ok, _} = update_user_doc(DbName, "joe", "pass1"),
+ Creds = couch_auth_cache:get_user_creds("joe"),
+ ?assertEqual(PasswordHash,
+ couch_util:get_value(<<"password_sha">>, Creds)),
+ true
+ end).
+
+should_ensure_doc_hash_equals_cached_one(DbName) ->
+ ?_assert(begin
+ {ok, _} = update_user_doc(DbName, "joe", "pass1"),
+ Creds = couch_auth_cache:get_user_creds("joe"),
+
+ CachedHash = couch_util:get_value(<<"password_sha">>, Creds),
+ StoredHash = get_user_doc_password_sha(DbName, "joe"),
+ ?assertEqual(StoredHash, CachedHash),
+ true
+ end).
+
+should_update_password(DbName) ->
+ ?_assert(begin
+ PasswordHash = hash_password("pass2"),
+ {ok, Rev} = update_user_doc(DbName, "joe", "pass1"),
+ {ok, _} = update_user_doc(DbName, "joe", "pass2", Rev),
+ Creds = couch_auth_cache:get_user_creds("joe"),
+ ?assertEqual(PasswordHash,
+ couch_util:get_value(<<"password_sha">>, Creds)),
+ true
+ end).
+
+should_cleanup_cache_after_userdoc_deletion(DbName) ->
+ ?_assert(begin
+ {ok, _} = update_user_doc(DbName, "joe", "pass1"),
+ delete_user_doc(DbName, "joe"),
+ ?assertEqual(nil, couch_auth_cache:get_user_creds("joe")),
+ true
+ end).
+
+should_restore_cache_after_userdoc_recreation(DbName) ->
+ ?_assert(begin
+ PasswordHash = hash_password("pass5"),
+ {ok, _} = update_user_doc(DbName, "joe", "pass1"),
+ delete_user_doc(DbName, "joe"),
+ ?assertEqual(nil, couch_auth_cache:get_user_creds("joe")),
+
+ {ok, _} = update_user_doc(DbName, "joe", "pass5"),
+ Creds = couch_auth_cache:get_user_creds("joe"),
+
+ ?assertEqual(PasswordHash,
+ couch_util:get_value(<<"password_sha">>, Creds)),
+ true
+ end).
+
+should_drop_cache_on_auth_db_change(DbName) ->
+ ?_assert(begin
+ {ok, _} = update_user_doc(DbName, "joe", "pass1"),
+ full_commit(DbName),
+ couch_config:set("couch_httpd_auth", "authentication_db",
+ ?b2l(?tempdb()), false),
+ ?assertEqual(nil, couch_auth_cache:get_user_creds("joe")),
+ true
+ end).
+
+should_restore_cache_on_auth_db_change(DbName) ->
+ ?_assert(begin
+ PasswordHash = hash_password("pass1"),
+ {ok, _} = update_user_doc(DbName, "joe", "pass1"),
+ Creds = couch_auth_cache:get_user_creds("joe"),
+ full_commit(DbName),
+
+ DbName1 = ?tempdb(),
+ couch_config:set("couch_httpd_auth", "authentication_db",
+ ?b2l(DbName1), false),
+
+ {ok, _} = update_user_doc(DbName1, "joe", "pass5"),
+ full_commit(DbName1),
+
+ couch_config:set("couch_httpd_auth", "authentication_db",
+ ?b2l(DbName), false),
+
+ Creds = couch_auth_cache:get_user_creds("joe"),
+ ?assertEqual(PasswordHash,
+ couch_util:get_value(<<"password_sha">>, Creds)),
+ true
+ end).
+
+should_recover_cache_after_shutdown(DbName) ->
+ ?_assert(begin
+ PasswordHash = hash_password("pass2"),
+ {ok, Rev0} = update_user_doc(DbName, "joe", "pass1"),
+ {ok, Rev1} = update_user_doc(DbName, "joe", "pass2", Rev0),
+ full_commit(DbName),
+ shutdown_db(DbName),
+ {ok, Rev1} = get_doc_rev(DbName, "joe"),
+ ?assertEqual(PasswordHash, get_user_doc_password_sha(DbName, "joe")),
+ true
+ end).
+
+
+update_user_doc(DbName, UserName, Password) ->
+ update_user_doc(DbName, UserName, Password, nil).
+
+update_user_doc(DbName, UserName, Password, Rev) ->
+ User = iolist_to_binary(UserName),
+ Doc = couch_doc:from_json_obj({[
+ {<<"_id">>, <<"org.couchdb.user:", User/binary>>},
+ {<<"name">>, User},
+ {<<"type">>, <<"user">>},
+ {<<"salt">>, ?SALT},
+ {<<"password_sha">>, hash_password(Password)},
+ {<<"roles">>, []}
+ ] ++ case Rev of
+ nil -> [];
+ _ -> [{<<"_rev">>, Rev}]
+ end
+ }),
+ {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]),
+ {ok, NewRev} = couch_db:update_doc(AuthDb, Doc, []),
+ ok = couch_db:close(AuthDb),
+ {ok, couch_doc:rev_to_str(NewRev)}.
+
+hash_password(Password) ->
+ ?l2b(couch_util:to_hex(crypto:sha(iolist_to_binary([Password, ?SALT])))).
+
+shutdown_db(DbName) ->
+ {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]),
+ ok = couch_db:close(AuthDb),
+ couch_util:shutdown_sync(AuthDb#db.main_pid),
+ ok = timer:sleep(1000).
+
+get_doc_rev(DbName, UserName) ->
+ DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]),
+ {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]),
+ UpdateRev =
+ case couch_db:open_doc(AuthDb, DocId, []) of
+ {ok, Doc} ->
+ {Props} = couch_doc:to_json_obj(Doc, []),
+ couch_util:get_value(<<"_rev">>, Props);
+ {not_found, missing} ->
+ nil
+ end,
+ ok = couch_db:close(AuthDb),
+ {ok, UpdateRev}.
+
+get_user_doc_password_sha(DbName, UserName) ->
+ DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]),
+ {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]),
+ {ok, Doc} = couch_db:open_doc(AuthDb, DocId, []),
+ ok = couch_db:close(AuthDb),
+ {Props} = couch_doc:to_json_obj(Doc, []),
+ couch_util:get_value(<<"password_sha">>, Props).
+
+delete_user_doc(DbName, UserName) ->
+ DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]),
+ {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]),
+ {ok, Doc} = couch_db:open_doc(AuthDb, DocId, []),
+ {Props} = couch_doc:to_json_obj(Doc, []),
+ DeletedDoc = couch_doc:from_json_obj({[
+ {<<"_id">>, DocId},
+ {<<"_rev">>, couch_util:get_value(<<"_rev">>, Props)},
+ {<<"_deleted">>, true}
+ ]}),
+ {ok, _} = couch_db:update_doc(AuthDb, DeletedDoc, []),
+ ok = couch_db:close(AuthDb).
+
+full_commit(DbName) ->
+ {ok, AuthDb} = couch_db:open_int(DbName, [?ADMIN_USER]),
+ {ok, _} = couch_db:ensure_full_commit(AuthDb),
+ ok = couch_db:close(AuthDb).
http://git-wip-us.apache.org/repos/asf/couchdb/blob/4d6a5010/test/etap/075-auth-cache.t
----------------------------------------------------------------------
diff --git a/test/etap/075-auth-cache.t b/test/etap/075-auth-cache.t
deleted file mode 100755
index 4d79134..0000000
--- a/test/etap/075-auth-cache.t
+++ /dev/null
@@ -1,274 +0,0 @@
-#!/usr/bin/env escript
-%% -*- erlang -*-
-% Licensed under the Apache License, Version 2.0 (the "License"); you may not
-% use this file except in compliance with the License. You may obtain a copy of
-% the License at
-%
-% http://www.apache.org/licenses/LICENSE-2.0
-%
-% Unless required by applicable law or agreed to in writing, software
-% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-% License for the specific language governing permissions and limitations under
-% the License.
-
--record(user_ctx, {
- name = null,
- roles = [],
- handler
-}).
-
--record(db, {
- main_pid = nil,
- compactor_pid = nil,
- instance_start_time, % number of microsecs since jan 1 1970 as a binary string
- fd,
- fd_monitor,
- header,
- committed_update_seq,
- id_tree,
- seq_tree,
- local_tree,
- update_seq,
- name,
- filepath,
- validate_doc_funs = [],
- security = [],
- security_ptr = nil,
- user_ctx = #user_ctx{},
- waiting_delayed_commit = nil,
- revs_limit = 1000,
- fsync_options = [],
- options = [],
- compression,
- before_doc_update = nil, % nil | fun(Doc, Db) -> NewDoc
- after_doc_read = nil % nil | fun(Doc, Db) -> NewDoc
-}).
-
-auth_db_name() -> <<"couch_test_auth_db">>.
-auth_db_2_name() -> <<"couch_test_auth_db_2">>.
-salt() -> <<"SALT">>.
-
-
-main(_) ->
- test_util:init_code_path(),
-
- etap:plan(19),
- case (catch test()) of
- ok ->
- etap:end_tests();
- Other ->
- etap:diag(io_lib:format("Test died abnormally: ~p", [Other])),
- etap:bail(Other)
- end,
- ok.
-
-
-test() ->
- test_util:start_couch(),
- OrigName = config:get("couch_httpd_auth", "authentication_db"),
- config:set(
- "couch_httpd_auth", "authentication_db",
- binary_to_list(auth_db_name()), false),
- delete_db(auth_db_name()),
- delete_db(auth_db_2_name()),
-
- test_auth_db_crash(),
-
- config:set("couch_httpd_auth", "authentication_db", OrigName, false),
- delete_db(auth_db_name()),
- delete_db(auth_db_2_name()),
- couch_server_sup:stop(),
- ok.
-
-
-test_auth_db_crash() ->
- Creds0 = couch_auth_cache:get_user_creds("joe"),
- etap:is(Creds0, nil, "Got nil when getting joe's credentials"),
-
- etap:diag("Adding first version of Joe's user doc"),
- PasswordHash1 = hash_password("pass1"),
- {ok, Rev1} = update_user_doc(auth_db_name(), "joe", "pass1"),
-
- Creds1 = couch_auth_cache:get_user_creds("joe"),
- etap:is(is_list(Creds1), true, "Got joe's credentials from cache"),
- etap:is(couch_util:get_value(<<"password_sha">>, Creds1), PasswordHash1,
- "Cached credentials have the right password"),
-
- etap:diag("Updating Joe's user doc password"),
- PasswordHash2 = hash_password("pass2"),
- {ok, _Rev2} = update_user_doc(auth_db_name(), "joe", "pass2", Rev1),
-
- Creds2 = couch_auth_cache:get_user_creds("joe"),
- etap:is(is_list(Creds2), true, "Got joe's credentials from cache"),
- etap:is(couch_util:get_value(<<"password_sha">>, Creds2), PasswordHash2,
- "Cached credentials have the new password"),
-
- etap:diag("Shutting down the auth database process"),
- shutdown_db(auth_db_name()),
-
- {ok, UpdateRev} = get_doc_rev(auth_db_name(), "joe"),
- PasswordHash3 = hash_password("pass3"),
- {ok, _Rev3} = update_user_doc(auth_db_name(), "joe", "pass3", UpdateRev),
-
- etap:is(get_user_doc_password_sha(auth_db_name(), "joe"),
- PasswordHash3,
- "Latest Joe's doc revision has the new password hash"),
-
- Creds3 = couch_auth_cache:get_user_creds("joe"),
- etap:is(is_list(Creds3), true, "Got joe's credentials from cache"),
- etap:is(couch_util:get_value(<<"password_sha">>, Creds3), PasswordHash3,
- "Cached credentials have the new password"),
-
- etap:diag("Deleting Joe's user doc"),
- delete_user_doc(auth_db_name(), "joe"),
- Creds4 = couch_auth_cache:get_user_creds("joe"),
- etap:is(nil, Creds4,
- "Joe's credentials not found in cache after user doc was deleted"),
-
- etap:diag("Adding new user doc for Joe"),
- PasswordHash5 = hash_password("pass5"),
- {ok, _NewRev1} = update_user_doc(auth_db_name(), "joe", "pass5"),
-
- Creds5 = couch_auth_cache:get_user_creds("joe"),
- etap:is(is_list(Creds5), true, "Got joe's credentials from cache"),
- etap:is(couch_util:get_value(<<"password_sha">>, Creds5), PasswordHash5,
- "Cached credentials have the right password"),
-
- full_commit(auth_db_name()),
-
- etap:diag("Changing the auth database"),
- config:set(
- "couch_httpd_auth", "authentication_db",
- binary_to_list(auth_db_2_name()), false),
- ok = timer:sleep(500),
-
- Creds6 = couch_auth_cache:get_user_creds("joe"),
- etap:is(nil, Creds6,
- "Joe's credentials not found in cache after auth database changed"),
-
- etap:diag("Adding first version of Joe's user doc to new auth database"),
- PasswordHash7 = hash_password("pass7"),
- {ok, _} = update_user_doc(auth_db_2_name(), "joe", "pass7"),
-
- Creds7 = couch_auth_cache:get_user_creds("joe"),
- etap:is(is_list(Creds7), true, "Got joe's credentials from cache"),
- etap:is(couch_util:get_value(<<"password_sha">>, Creds7), PasswordHash7,
- "Cached credentials have the right password"),
-
- etap:diag("Shutting down the auth database process"),
- shutdown_db(auth_db_2_name()),
-
- {ok, UpdateRev2} = get_doc_rev(auth_db_2_name(), "joe"),
- PasswordHash8 = hash_password("pass8"),
- {ok, _Rev8} = update_user_doc(auth_db_2_name(), "joe", "pass8", UpdateRev2),
-
- etap:is(get_user_doc_password_sha(auth_db_2_name(), "joe"),
- PasswordHash8,
- "Latest Joe's doc revision has the new password hash"),
-
- Creds8 = couch_auth_cache:get_user_creds("joe"),
- etap:is(is_list(Creds8), true, "Got joe's credentials from cache"),
- etap:is(couch_util:get_value(<<"password_sha">>, Creds8), PasswordHash8,
- "Cached credentials have the new password"),
-
- etap:diag("Changing the auth database again"),
- config:set(
- "couch_httpd_auth", "authentication_db",
- binary_to_list(auth_db_name()), false),
- ok = timer:sleep(500),
-
- Creds9 = couch_auth_cache:get_user_creds("joe"),
- etap:is(Creds9, Creds5,
- "Got same credentials as before the firt auth database change"),
- etap:is(couch_util:get_value(<<"password_sha">>, Creds9), PasswordHash5,
- "Cached credentials have the right password"),
- ok.
-
-
-update_user_doc(DbName, UserName, Password) ->
- update_user_doc(DbName, UserName, Password, nil).
-
-update_user_doc(DbName, UserName, Password, Rev) ->
- User = iolist_to_binary(UserName),
- Doc = couch_doc:from_json_obj({[
- {<<"_id">>, <<"org.couchdb.user:", User/binary>>},
- {<<"name">>, User},
- {<<"type">>, <<"user">>},
- {<<"salt">>, salt()},
- {<<"password_sha">>, hash_password(Password)},
- {<<"roles">>, []}
- ] ++ case Rev of
- nil -> [];
- _ -> [{<<"_rev">>, Rev}]
- end}),
- {ok, AuthDb} = open_auth_db(DbName),
- {ok, NewRev} = couch_db:update_doc(AuthDb, Doc, []),
- ok = couch_db:close(AuthDb),
- {ok, couch_doc:rev_to_str(NewRev)}.
-
-
-hash_password(Password) ->
- list_to_binary(
- couch_util:to_hex(crypto:sha(iolist_to_binary([Password, salt()])))).
-
-
-shutdown_db(DbName) ->
- {ok, AuthDb} = open_auth_db(DbName),
- ok = couch_db:close(AuthDb),
- couch_util:shutdown_sync(AuthDb#db.main_pid),
- ok = timer:sleep(1000).
-
-
-get_doc_rev(DbName, UserName) ->
- DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]),
- {ok, AuthDb} = open_auth_db(DbName),
- UpdateRev =
- case couch_db:open_doc(AuthDb, DocId, []) of
- {ok, Doc} ->
- {Props} = couch_doc:to_json_obj(Doc, []),
- couch_util:get_value(<<"_rev">>, Props);
- {not_found, missing} ->
- nil
- end,
- ok = couch_db:close(AuthDb),
- {ok, UpdateRev}.
-
-
-get_user_doc_password_sha(DbName, UserName) ->
- DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]),
- {ok, AuthDb} = open_auth_db(DbName),
- {ok, Doc} = couch_db:open_doc(AuthDb, DocId, []),
- ok = couch_db:close(AuthDb),
- {Props} = couch_doc:to_json_obj(Doc, []),
- couch_util:get_value(<<"password_sha">>, Props).
-
-
-delete_user_doc(DbName, UserName) ->
- DocId = iolist_to_binary([<<"org.couchdb.user:">>, UserName]),
- {ok, AuthDb} = open_auth_db(DbName),
- {ok, Doc} = couch_db:open_doc(AuthDb, DocId, []),
- {Props} = couch_doc:to_json_obj(Doc, []),
- DeletedDoc = couch_doc:from_json_obj({[
- {<<"_id">>, DocId},
- {<<"_rev">>, couch_util:get_value(<<"_rev">>, Props)},
- {<<"_deleted">>, true}
- ]}),
- {ok, _} = couch_db:update_doc(AuthDb, DeletedDoc, []),
- ok = couch_db:close(AuthDb).
-
-
-full_commit(DbName) ->
- {ok, AuthDb} = open_auth_db(DbName),
- {ok, _} = couch_db:ensure_full_commit(AuthDb),
- ok = couch_db:close(AuthDb).
-
-
-open_auth_db(DbName) ->
- couch_db:open_int(
- DbName, [{user_ctx, #user_ctx{roles = [<<"_admin">>]}}]).
-
-
-delete_db(Name) ->
- couch_server:delete(
- Name, [{user_ctx, #user_ctx{roles = [<<"_admin">>]}}]).